KDE Plasma 6.5 will finally include automatic day/night theme switching, to change light/dark Global Themes based on the time of the day.

You're reading KDE Plasma Adding Auto Day/Night Theme Switching, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Ubuntu Server 25.10 removes wget from its default installation, in favour of the wcurl tool. Here's why the change was made and if it'll affect you.

You're reading wget Removed from Ubuntu Server 25.10 Default Install, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Whether you’re new to Ubuntu or have been using it for years, The Ultimate Ubuntu Handbook offers a wealth of practical tips, time-saving tricks, and insider insights that will help you get even more out of your Ubuntu experience.

Roundup of July's smaller Linux app releases: Shotcut and Kdenlive video editors, Plank Reloaded dock, Krita performance fixes, and more.

You're reading Linux App Release Roundup (July 2025), a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

The US ending tariff exemption on goods under $800 could send the price of Raspberry Pi, mini PCs and other Linux hardware soaring — not just for buyers in America.

You're reading US Tariff Change Could Send SBC & Mini PC Prices Soaring, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Welcome to the new monthly unstable branch thread.

Recent News Kernel 6.15 is now EOL (click for more details) zabbix >= 7.4.1-2 may require manual intervention (click for more details) (click for more details) Notable Package Changes

• WebKitGTK 2.48.5
• KDE Plasma 6.4.4
• NetworkManager 1.54
• GStreamer 1.26.5
• KDE Frameworks 6.17.0
• GNOME 48.4
• NVIDIA 580.76.05
  • NOTE: The 580 series will be the last to support GPUs based on the Maxwell, Pascal, and Volta architectures. See Unix graphics feature deprecation schedule - Linux - NVIDIA Developer Forums
• VirtualBox 7.2.0
• KDE Gear 25.08
• Mesa 25.2.1
• Firefox 142.0.1
• LibreOffice 25.8.1
• Qt 6.9.2

Known Issues 2025-07-20 - grub update 2:2.12.r292 -> r350 (click for more details) 2025-06-22 - linux-firmware-amdgpu-20250613.12fe085f may create an unbootable system for RDNA4 GPUs or graphical glitches with RDNA3 GPUs (click for more details) 2025-06-01 - avahi-discover python script (click for more details) Chrome/Chromium-based browsers and GNOME 48 - Global Shortcuts (click for more details) python-gobject 3.52 breaks multiple apps (libpeas related) (click for more details) Possible breaking changes to pacman-mirrors (click for more details) Plasma 6.4.0 will need manual intervention if you are on X11 (click for more details) Additional Info Info about AUR packages (click for more details)

Get our latest daily developer images now from Github: Plasma, GNOME, XFCE. You can get the latest stable releases of Manjaro from CDN77.

Check if your mirror has already synced:

• Mirror-Check Service

48 posts - 17 participants

Read full topic

Ubuntu's DING extension adds new keyboard shortcuts for desktop icon selection, including multi-select, Ctrl+Space toggle, and HOME/END navigation.

You're reading Ubuntu’s Desktop Icons Extension Gains New Keyboard Shortcuts, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

The third monthly snapshot of Ubuntu 25.10 (Questing Quokka) is available to download, if you feel like helping the furry-faced mascot seeks out stable status.

You're reading Ubuntu 25.10 Snapshot 3 is Available to Download, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Proton launches a free, open-source 2FA app with cross-device sync. It works on all major OSes, including Ubuntu, as a privacy-focused alternative to Google Authenticator.

You're reading Proton’s New 2FA Authenticator App Supports Ubuntu, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker Introduction

Flatpak promises a secure runtime for Linux applications through container-like isolation, relying on bubblewrap namespaces, syscall filtering, and portal interfaces. In theory, each app should operate inside a strong sandbox, disconnected from the host system. But in reality, experience shows gaps, tiny cracks through which apps may escape with serious consequences.

The Sandbox Promise… and the Reality

Flatpak applications begin life in a highly-restricted environment: no network by default, no access to host files beyond the runtime and a private data directory, limited syscalls, and restricted access to session or system services. Portals provide a controlled channel for granting specific capabilities (e.g. file dialogs, screenshot, printing) without broad privileges.

Yet, many Flatpak packages declare broad permissions like filesystem=home, filesystem=host, or device=all. That effectively grants full read-write access to the user's home directory or even system devices, defeating the purpose of the sandbox in practice. Users often assume that 'sandboxed' means locked-down, but blanket permissions expose them to risk.

Real-World Breakouts from the Sandbox CVE‑2024‑32462: RequestBackground Portal Abuse

Security researcher Gergo Koteles uncovered a high-severity vulnerability where malicious Flatpak apps could craft a .desktop file via the org.freedesktop.portal.Background.RequestBackground interface. That tricked Flatpak’s --command= parsing into injecting bwrap arguments (e.g. --bind). This allowed arbitrary host commands to execute outside the sandbox boundary. Versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8 were affected. Patched in the listed versions and mitigated in xdg-desktop-portal 1.18.4 and newer.

CVE‑2024‑42472: Persistent Data Symlink Exploit

A Flatpak flag, --persist (or persistent= in manifest), allows apps writable storage within their data directory. But if a malicious install replaces that directory with a symlink pointing to sensitive host folders (e.g. ~/.ssh), the sandbox mount entry follows it into the real filesystem, giving the app unintended access to files outside its name-spaced area. All versions up to 1.14.8 and 1.15.x ≤ 1.15.9 are vulnerable; patched in 1.14.10 and 1.15.10+.

Policy Complexity and Ecosystem Slip-Ups

A detailed study of hundreds of Flatpak and Snap packages found that nearly 42% of Flatpak apps either override the supposed isolation or misconfigure sandboxing, resulting in overprivilege or potential escape paths. Crafting fine-grained sandbox policy is hard, and mistakes slip through easily.

Go to Full Article

Keep on Linux-ing, even in the summer.

Hello community, here we have another set of package updates.

Current Promotions

• Protect your personal data, keep yourself safe with Surfshark VPN: See current promotion

Recent News

• Development | Q&A | Zotac Gaming ZONE
• Development | Q&A | OrangePi Neo-01
• Manjaro 25.0 Zetar released
• Manjaro Summit public Alpha now available
• As of Linux 6.14.11, the 6.14 series is now EOL (End Of Life). Please install 6.15 stable and/or 6.12 LTS (Long Term Support).

Valkey to replace Redis in the [extra] Repository (click for more details) Previous News Finding information easier about Manjaro (click for more details) Notable Package Updates

• Qemu 10.0.3
• Firefox 142.0b4
• Tuxedo-Drivers 4.14.4
• Slimbook-Service 0.8.5

Additional Info Python 3.13 info (click for more details) Info about AUR packages (click for more details)

Get our latest daily developer images now from Github: Plasma, GNOME, XFCE. You can get the latest stable releases of Manjaro from CDN77.

Our current supported kernels

• linux54 5.4.296
• linux510 5.10.240
• linux515 5.15.189
• linux61 6.1.147
• linux66 6.6.100
• linux612 6.12.40
• linux615 6.15.8
• linux616 6.16.0
• linux61-rt 6.1.146_rt53
• linux66-rt 6.6.99_rt58
• linux612-rt 6.12.39_rt11
• linux615-rt 6.15.0_rt2

Package Changes (Wed Jul 30 21:10:49 CEST 2025)

• testing core x86_64: 5 new and 5 removed package(s)
• testing extra x86_64: 1058 new and 1050 removed package(s)
• testing multilib x86_64: 2 new and 2 removed package(s)

Overlay Changes

• testing core x86_64: 11 new and 11 removed package(s)
• testing extra x86_64: 34 new and 37 removed package(s)

A list of all changes can be found here.

Click to view the poll.

Check if your mirror has already synced:

• Mirror-Check Service

3 posts - 3 participants

Read full topic

Ubuntu 25.10 improves experimental TPM-backed full-disk encryption, which ties security to hardware integrity. New options and checks will be in place.

You're reading Ubuntu 25.10 Offers Improved Disk Encryption Using TPM, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

Slash, loot, and grind your way through these Diablo-like games on Linux and Steam this summer.

A customisable photo widget for your GNOME desktop that shows images from any folder you like. Resizable and moveable, it adds personalised flourish.

You're reading GNOME Shell Gets a Proper Desktop Photo Widget (Finally), a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

The post How to Create Aliases (Shortcuts) for Common Commands in Linux first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

Linux users often need to use one command over and over again. Typing or copying the same command over and

The post How to Create Aliases (Shortcuts) for Common Commands in Linux first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

The post Internxt: Secure Open-Source Cloud Storage for Linux Users (87% Off) first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

There are countless cloud storage platforms that provide safe and secure storage space for your files. Popular cloud storage apps

The post Internxt: Secure Open-Source Cloud Storage for Linux Users (87% Off) first appeared on Tecmint: Linux Howtos, Tutorials & Guides.

Fish might be the Bash alternative you didn't know you needed, thanks to features like highlighting, and smarter command suggestions. Learn how to install it on Ubuntu.

You're reading Fish is Like Bash With a Brain — Here’s How to Try it on Ubuntu, a blog post from OMG! Ubuntu. Do not reproduce elsewhere without permission.

by George Whittaker Opening the Curtain on Tails 6.0

On February 27, 2024, the Tails Project unveiled version 6.0, a milestone release built atop Debian 12 “Bookworm” and GNOME 43 . Tails, short for The Amnesic Incognito Live System, is engineered from the ground up to prevent data leakage, protect against targeted surveillance, and ensure that every use leaves no trace unless explicitly permitted . Version 6.0 refines this mission with a bold suite of features tailored to block modern surveillance tactics.

USB Integrity: Stopping Sneaky Hardware Threats Warnings for Persistent Storage Failures

Live USBs are critical lifelines for persistence in Tails. Now, Tails 6.0 alerts users when underlying storage suffers read/write errors. This early detection, prior to catastrophic data loss, allows users to back up their encrypted areas before disaster strikes .

Defense Against Rogue USB Devices

One of the stealthiest attack vectors involves plugging in malicious USB gear while a device is unattended. Tails now ignores any USB device connected while the screen is locked. Only when the screen is unlocked can new USB devices be activated, closing the door on rubber‑duckying-style malware delivery .

Usability Upgrades That Don’t Sacrifice Security Automatic Device Mounting with Safeguards

Plug in a flash drive or encrypted external disk while Tails is unlocked, and the system now instantly mounts the device and prompts for decryption (e.g. VeraCrypt volumes), smoothing workflow while preserving safeguards .

Ambient Display Options for Privacy-Conscious Use

GNOME 43 brings native support for dark mode, night‑light warm tones, or combinations thereof, all accessible via the system menu. These modes reduce eye strain and lower screen glare in sensitive situations, minimizing accidental disclosure in low-light settings .

Simplified Screenshots and Screencast Access

Through a redesigned system menu, users can now take screenshots or record screencasts with a few clicks—reducing reliance on external tools and minimizing exposure via unnecessary browser or app use .

Streamlined Gmail Setup in Thunderbird

Configuring a Gmail account is now smoother: Tails 6.0 allows direct sign‑in within Thunderbird using standard two-step verification, no manual IMAP or security adjustments required, eliminating error-prone manual steps .

Go to Full Article

The post 10 Must-Know sFTP Commands for Linux File Transfers first appeared on Tecmint: Linux Howtos, Tutorials & Guides .

File Transfer Protocol (FTP) was once a widely used method for transferring files or data remotely. However, it transmits information

The post 10 Must-Know sFTP Commands for Linux File Transfers first appeared on Tecmint: Linux Howtos, Tutorials & Guides.